It is all obvious or trivial except…

Bwahahahahahaha!

Every parent in the country has been put at risk of fraud and identity theft after the Government lost 25 million personal records in Britain’s worst ever data protection breach.

Two compact discs containing bank details and addresses of 9.5 million parents and the names, dates of birth and National Insurance numbers of all 15.5 million children in the country went missing after a junior employee of HM Revenue and Customs put them in the post, unrecorded and unregistered.

32 comments on “Bwahahahahahaha!”

Don’t bet on it. This shower of shits knows what’s best for all of us. The ID card database wil be better protected, they’ll have improved procedures, everything will be wonderful and the utopian world in which we live will better than ever.

Of course MPs won’t have their details on the database because that would be a security risk.

Meanwhile, as per an entry here last week, they are already gearing up to demand all sorts of personal information, including credit card details, just for travelling internally within the UK (to NI at first). Where will that info end up?

JuliaM,
Bollocks – the government is responsible. Who do you think specifies the system design? Can’t you see there is common link between all these failing computer system and lax security procedures? Yes, it is the government.
Basic security point: why do the pc’s have writeable CD drives?

Oh, sure, not to take anything away from the government’s responsibility here. They have, after all, continued to employ these IT companies, despite the impressive list of failures, rip-offs and poor system design stretching behind them….

Regarding ID cards, the fact is that I am (reasonably) asked for proof of personal identity when collecting parcels from the Royal Mail sorting office and when applying for benefits. From experience, it is evidently acceptable to present a receipted utility bill as evidence of personal ID – which is just ludicrous. Passports are a form of ID document and no one is suggesting giving up passports anytime soon.

“Passports are a form of ID document and no one is suggesting giving up passports anytime soon.”

Bob, I’ve told you this before: a record isn’t kept of every time you show your passport to someone. They WILL keep a record of every time you use your ID card. They don’t require you to show your passport to get a drink in a bar. They WILL require this when ID cards are mandatory.

“…why do we not hear of “failures, rip-offs and poor system design” in the private sector?”

The private sector wouldn’t stand for that level of incompetence – and they certainly wouldn’t keep employing them! Also, I suspect the private sector would employ knowledgeable project managers who would know when the wool was being pulled over their eyes by shyster IT consultancies.

Not something you can say about the vast majority of senior civil servants…

For the same reason that people scatter apostrophes where they aren’t required: because they can’t be bothered to think about it. Of course, an extra apostrophe here and there just gets grammar nazis like me annoyed. But CD writers everywhere seriously undermines security.

“Bob, I’ve told you this before: a record isn’t kept of every time you show your passport to someone etc etc”

Some passport control desks stamp and/or take image of passports on passing through frontier posts. West Germany, for instance, adopted discrete but rigorous passport imaging in the 1970s to track members of the Bader-Meinhof gang – as a result of which some members were trapped at frontier posts. In any event, America is insisting on inclusion of biometric data in passports.

Everytime I use my travel pass to travel on public transport in London that is logged electronically and I have to submit proof of identity with a photo to get the pass in the first place.

Speed cameras on roads have number plate recognition which is how speeding penalty notices are served.

We have more than 4 million CCTV cameras installed in public places in Britain and those who know about these things told me years ago that face recognition software was getting very good.

Google keeps a record of all Google searches and ISPs in Britain are legally obliged to retain records of internet traffic for five years. Mobile phone operators need to keep continuous track of the location of handsets in order to deliver calls and the origin and destination of mobile calls are recorded. This information has already featured in several criminal trials in evidence for the prosecution or defence.

All this stuff about ID cards infringing precious personal liberty is hysterical nonsense – although there is always, as with umpteen previous failed government IT projects, the prospect of another technical screw up. The fact is that we have very little privacy left – get used to it. A national database of personal medical records is a far greater threat than personal ID cards – and women are especially vulnerable to blackmail over their medical histories.

Another fact is that I’m asked to provide proof of personal identity and ID cards would be a boon for that. ID would also help to track and trap identity fraud – a couple of years back I had a phone call from a guy asking me why I hadn’t supplied the computer memory I had supposedly sold to him on eBay for c. £100. I’d never been on eBay, let alone sold computer memory there, but someone had and had left my name, address and telephone number as the vendor contact details. I was later phoned by a private investigator who wanted lots of details about the banks I had accounts with. The money had reportedly been paid into a PayPal account – and I didn’t and don’t have one but how to prove that??

Just over a year ago, a phone bill with my name and address dropped through my letterbox – but it wasn’t my telephone. I had to rush round to my bank to stop payment by direct debit and I also went to the police. Fraud was just one possibility but what if the phone calls listed involved crime or planning terrorism? The police line was that since I hadn’t actually paid the bill, I wasn’t a victim of fraud – but I made sure to leave the bill with them in case they were inclined to check the calls.

ID would also help to track and trap identity fraud – a couple of years back I had a phone call from a guy asking me why I hadn’t supplied the computer memory I had supposedly sold to him on eBay for c. £100.

Yes, very touching story and all that, but could you explain how having an ID card would have prevented that?

Just because you, Bob, think you have no privacy, that it’s not worth defending, then fine. Allow Google to put a cookie on your browser, don’t encrypt your emails, and take down your curtains. Some of us want privacy, so please stop trying to tell me that an ID is a good idea because it helps you pick up a parcel at the Post Office. I personally don’t want to be legally obliged to get one of these fucking things, I certainly don’t want to pay for it, and I mostly certainly don’t want to be defacto forced to carry it in order to get a drink in a bar or check into a hotel.

“The money had reportedly been paid into a PayPal account – and I didn’t and don’t have one but how to prove that??”

And an ID card is going to help just how? You’re in effect proposing that it will be mandatory to show an ID card to open a PayPal account. That you will have to go to a PayPal branch office to have your fingerprints taken to check the card is valid. For every financial transaction you will be required to be there in person with the card to validate it. Because that’s the only way that the UK ID card is going to stop ID fraud. You may think that conducting transactions face-to-face is a good thing, but PayPal (who don’t have branch offices), the Internet-savvy citizens, and infirm people who can’t get out will find it all rather too difficult. So difficult that none of this is going to happen: the ID card will just be another one of those stupid New Labour boondoggles.

“You’re in effect proposing that it will be mandatory to show an ID card to open a PayPal account. ”

Certainly – an ID card to open a bank or online payment account. Biometric data will be on record should identity become an issue. And btw one of my PC keyboards has a fingerprint reader built in as a security device.

For several months before the guy phoned to complain that I’d not sent him the computer memory he had bought from me on eBay, I’d been pressured online in various ways to open a PayPal account. Coincidence or an attempt to frame me?

IMO you’re in denial about the facts: car movements are routinely tracked by speed and congestion charge cameras. Where your or my mobile is located is on record by mobile phone companies and the origins and destinations of your and my calls are recorded. It is rumoured that all phone calls are continuously monitored for instances of an array of key words. My guess is that include “sarin” or “botulin” in your online message then you will be looked into.

We actually have very little remaining privacy of movement or communication but the prospect of criminal access to personal medical records is a good cause for worry. And what will happen if – as is highly likely – the geneticists manage to narrow down still further which genes are linked to susceptibility for various diseases?

Insurance companies will certainly want to know your personal genome when you apply for a policy of life or travel insurance – and, very likely, so will employers if you are up for promotion to a senior post. Those prospects are much greater causes for concern than ID cards – which we had during WW2.

Julia – The planned NHS database of personal medical records is a far more serious threat than personal ID Cards and the fact is that I’m asked for proof of identity on occasion – an issue you simply refuse to address while persisting in making hysterical outbursts.

“Certainly – an ID card to open a bank or online payment account. Biometric data will be on record should identity become an issue. And btw one of my PC keyboards has a fingerprint reader built in as a security device.”

No no no no no. You cannot do biometrics remotely. You cannot open an online bank account online: for biometrics to work you have to be face-to-face. Woop-de-do that you have a fingerprint reader. It’s trivial to lift a fingerprint, or even make one, that will fool this kind of technology. And once someone does get your fingerprints and copy them, set up a PayPal account, and start defrauding, what are you going to do? Tell the police that it wasn’t you? Cut your fingers off and get some replacements (c.f. Minority Report)? With biometrics, once you’re cloned, you’re fucked.

“Where your or my mobile is located is on record by mobile phone companies and the origins and destinations of your and my calls are recorded.”

It’s very important to understand the difference between this and the ID card database. The key is that the mobile phone companies hold the data. They do not hand it over wholesale: the police have to make a very specific request for data as part of investigating a crime. The police cannot routinely mine the data looking for “interesting” patterns and people to call on. The ID database is different: it is held by the Home Office and the Act specifically permits data mining by the police, security services and HMRC for that matter. It’s the difference between Big Brother being able to investigate, and Big Brother actively watching.

“Those prospects are much greater causes for concern than ID cards – which we had during WW2.”

No, Bob, you had quaint little bits of cardboard that let you get parcels from the Post Office. The system being proposed now is nothing like a WW2 ID card.

“an issue you simply refuse to address while persisting in making hysterical outbursts.”

Not at all. The Government aren’t offering a secure ID card that we can choose to buy when it would help us prove ID. They are forcing us to sign up to it and it is vastly more than a device to prove identity. If you simply wanted a hard-to-forge proof of identity you could get a smartcard with a digital photo that is digitally signed, perhaps fingerprints, and no need for an online database. We already have this: the passport. Instead of issuing a small card, on request, like a passport, they are building a massive infrastructure for storing all uses of the card, and using it to index into all the other databases (medical, tax, criminal) to make a vast super-database. If it was about you being able to prove identity, why would they do that Bob?

Bob B, your central point seems to be that the NHS spine represents a greater threat than ID cards, ergo don’t worry about ID cards. Can’t we just worry about them both? In fact, if we make our worry proportional to our ability to do something then with ID cards we at least have a shot of preventing them. As for the NHS spine…..

“Bob B, your central point seems to be that the NHS spine represents a greater threat than ID cards, ergo don’t worry about ID cards. Can’t we just worry about them both?”

I worry a lot about the NHS spine because I use the NHS a lot and it’s pretty clear to me that my medical state shouldn’t be available to all. But I have suffered from identity theft several times, and if I had an ID card it would have stopped this and it would be useful when collecting parcels from the Post Office.

“I worry a lot about the NHS spine because I use the NHS a lot and it’s pretty clear to me that my medical state shouldn’t be available to all. But I have suffered from identity theft several times, and if I had an ID card it would have stopped this and it would be useful when collecting parcels from the Post Office.”

That message is not from me despite the heading with my usual online monika.

In the real world, it is sometimes necessary to establish that you are who you claim to be and, also, to show that someone who claims to be you is, in fact, an imposter.

In the real world, various criminal trials have shown that some (benefit) fraudsters and some terrorists had established multiple identities in order to evade detection. ID cards with biometrics would help the police to investigate such cases and short-cut the discovery of multiple identities.

Btw my medical history is not an embarrassment but that is not true for everyone. Some months back, I asked my GP if he knew where my medical record which he was reading on screen was actually stored. He said he didn’t know. He just clicks to call it up when he needs to.

“ID cards with biometrics would help the police to investigate such cases and short-cut the discovery of multiple identities.”

And how would that work then? You failed to explain how “biometrics” would stop ID fraud (curiously silent on that Bob, not even a link?). And rather than explain that to us, you move on to the old chestnut “terrorists use multiple identities”. Precisely how will “biometric” ID cards help the police? Give us a scenario, detailing how fingerprints and ID cards help the police. Come on Bob, walk us through how it would work.

Kay – “And how would that work then? You failed to explain how ‘biometrics would stop ID fraud (curiously silent on that Bob, not even a link?).”

Do try to avoid being totally fatuous.

Biometric data make it much easier for the police to identify cases of multiple identities and thereby facilitate the course of investigation, detection, prosecution and proof at trial. Biometric data deters identity theft because it is easier to prove when someone is falsely claiming to be someone else.

Criminal laws haven’t prevented crime but we have such laws and law enforcement agencies because most of us believe life would be a great deal more hazardous without them. On your argument, because criminal law hasn’t prevented all crime we should scrap the laws as an infringement of personal liberty – and laws do restrict personal liberty.

“Biometric data make it much easier for the police to identify cases of multiple identities and thereby facilitate the course of investigation, detection, prosecution and proof at trial.”

No it doesn’t. You don’t understand the difference between verification and identification. Fingerprints are accurate enough only for verification (is this person the person they claim to be), not identification (who is this unknown person). It is a technical fiction that biometrics, as they are proposed, will be able to eliminate duplicate identities (it *might* have worked for iris scans, but they’ve been dropped).

You STILL haven’t given a scenario where an ID card will prevent identity fraud. You’ve just repeated Home Office press release jargon. Go on. Give a detailed scenario, worked through. Who is going to issue the card? How will the biometric data be collected? Exactly what will the police see? What will we be forced to carry? How will we use the card? Who will read it? What will the reader be able to determine? How will the police catch a fraudster?

The trouble is, Bob, these things are highly technical, with weaknesses, strengths and limitations. The general public (which includes you) simply do not understand. If you took the time to study the field you might well grasp it, but you (and most people) don’t, so you take at face value what the Home Office, ministers and journalists write, layered with a bit of confirmation bias. Thus the “debate” becomes pointless: a regurgitation of nonsense words (where “photo of face” becomes “biometric” and fingerprints of all fingers becomes “ten point biometric”) with no understand how the system will be assembled, run and beaten.

“On your argument, because criminal law hasn’t prevented all crime we should scrap the laws as an infringement of personal liberty”.

No. Your analogy is bogus: I am against ID cards because they won’t achieve the stated aims, and will be a tool for oppression in the hands of a totalitarian Government. I am similarly against any criminal law that cannot achieve the stated aims (“hate crime” laws, for example) and does a great deal of harm as well (a chilling of free speech, for example).

BobB,
Has of course, got it all wrong. None of this is about stopping anything other than our liberty to move where we will, when we will. It is all about control, of us. We should be against all things of this type. With this ,or any government’s ability to run a datas base I would be very, very worried. The government is your enemy, just concentrate on that.